[60] in WWW Security List Archive


Re: GSS API (as a DLL)...

daemon@ATHENA.MIT.EDU (John Ludeman)
Wed Aug 17 20:51:38 1994

From: John Ludeman <johnl@microsoft.com>
To: www-security@ns1.rutgers.edu
Date: Wed, 17 Aug 94 15:27:53 TZ


----------
| From: "Alec H. Peterson"  <chuckie@panix.com>
| Date: Wednesday, August 17, 1994 4:46PM
|
| Ramin Firoozye writes:
| [...]
| >
| >The BIG problem specific to security DLL's is that someone bent on breaking
| >security can write a "wrapper" DLL around a security DLL, store all the
| >stuff it gets from the caller, pass on the result onto the actual DLL and
| >store away the replies as well before passing the reply back up to the
| >caller. In other words, it becomes much easier to implement a "spoof the
| >login" type scheme.
|
| This is one of the reasons why most (if not all) applications that deal with
| secure data (like /bin/login and /bin/su) should be statically linked.

No, this is not a valid reason.  The above argument implies there is no 
security. If a sysadmin doesn't want this to happen, they must take the 
appropriate security precautions.  If they do not, then *nothing* in 
the system is secure and any program the system might run can do bad 
things.  This again gets into site security issues, which are beyond the 
topic of this alias.

John
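
Added example, not part of the original message or of any poster's code: the wrapper-DLL scenario quoted above needs write access to a directory the loader searches or to the library file itself, so one precaution a site can automate is an ownership and permission audit of those locations. The POSIX permission model, the `.so`/`.dll` suffix list, the library name `libgss.so` and the sample tree are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

LIB_SUFFIXES = (".so", ".dll")  # assumed naming; adjust for the platform

def replace_risk(path, trusted_uids):
    """Why an account outside trusted_uids could replace `path`, or None."""
    st = os.stat(path)  # follows symlinks, so the link target is what gets judged
    if st.st_uid not in trusted_uids:
        return f"owned by untrusted uid {st.st_uid}"
    if st.st_mode & stat.S_IWOTH:
        return "world-writable"
    if st.st_mode & stat.S_IWGRP:
        return "group-writable"
    return None

def audit_library_dirs(dirs, trusted_uids=(0,)):
    """Check each loader search directory, then every library file in it."""
    findings = []
    for d in dirs:
        if not os.path.isdir(d):
            findings.append((d, "missing search-path entry"))
            continue
        paths = [d] + [os.path.join(d, n) for n in sorted(os.listdir(d))
                       if n.endswith(LIB_SUFFIXES) or ".so." in n]
        for p in paths:
            if not os.path.exists(p):  # dangling symlink: nothing to stat
                continue
            reason = replace_risk(p, trusted_uids)
            if reason:
                findings.append((p, reason))
    return findings

def demo():
    """Constructed sample tree: one locked-down directory, one lax one."""
    me = os.getuid()  # stand-in for the admin account in this demo
    with tempfile.TemporaryDirectory() as root:
        for name, dmode, fmode in (("good", 0o755, 0o644), ("bad", 0o777, 0o664)):
            d = os.path.join(root, name)
            os.mkdir(d)
            lib = os.path.join(d, "libgss.so")  # hypothetical library name
            open(lib, "w").close()
            os.chmod(lib, fmode)  # set explicitly so the umask does not interfere
            os.chmod(d, dmode)
        dirs = [os.path.join(root, n) for n in ("good", "bad")]
        found = audit_library_dirs(dirs, trusted_uids=(me,))
        return [(os.path.relpath(p, root), r) for p, r in found]

if __name__ == "__main__":
    for path, reason in demo():
        print(f"{path}: {reason}")
```

The same audit applies to the directory holding a statically linked binary, since whoever can write there can replace the binary itself.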
